This specification relates to verifying passwords on a mobile device. Access to a mobile device can be restricted by a password scheme, where access is granted when the user enters the correct password. Password hashing techniques are used to avoid storing an explicit representation of the correct password. A hash chain can be initialized with the correct password value, and the tail of the hash chain output can be stored on the mobile device. When a user requests access to the mobile device, the hash chain is initialized with the password entered by the user, and the tail of the hash chain output is compared with the stored value. Access can be granted or denied based on the comparison.
Like reference numbers and designations in the various drawings indicate like elements.